Setting up new Company server

[wbk]

I just got hired in a company working as their It-supporter.

Previously I primarily worked with level 2 support, and I have never really worked in debt with servers.

But I am a quick learner and i am sure I will be able to work this out, but I do need some sort of advice because I haven't really heard about this particular problem before..
 

So..

The company I am working for (I'll call them Alpha), recently bought a part of another company (I'll call them Beta)..

My company - Alpha overtook computers, furniture, servers and so on.. But... 

The domain, the server provides is owned by Beta. Every user at work still uses their credentials connected to Betas domain.

The server computer is also connected to Beta's domain - therefore Beta won't give me any passwords for the server computer.
 

Today Beta chose to shutdown our connection to their domain. Resulting in every employee being unable to login to their computer.
 

I think that my only solution is to buy a new server and begin from scratch, creating a new domain controller, a new AD and new file server etc..

But I need some advice.. Thx

[tt2468]

Does alpha not have a domain controller? What are your requirements? (amount of pcs, amount of data, etc)

[wbk]

8 minutes ago, tt2468 said:

Does alpha not have a domain controller? What are your requirements? (amount of pcs, amount of data, etc)

Not at the moment. Apparently nobody thought about this until the obvious problem showed up today..
We are relatively small company 15 employees, 20 pc's and approximately 5-10 tb of data.

[tt2468]

1 minute ago, wbk said:

Not at the moment. Apparently nobody thought about this until the obvious problem showed up today..
We are relatively small company 15 employees, 20 pc's and approximately 5-10 tb of data.

Are you in the US at all?

[wbk]

Nope EU

[argyle]

It depends on a lot of factors. Was the removal of the connection intentional/malicious? What type of configuration was there previously, was there a specific forest for your location? are there shared resources off site you no longer have access to and need to replicate?

 

Certainly it's simple enough to set up an LDAP server for authentication and network storage shares. It's probably best to virtualize the servers and use a SAN and backup solution. I guess it also depends on how much downtime you are expecting as to how you would need to implement the new configuration.

[tt2468]

Just now, wbk said:

Nope EU

Hmm, ok.

 

I was going to make an ebay wishlist full of parts that you would be able to use, but I'm in the US. Many of the parts that follow are available from ebay.

 

Parts you should use:

• Dell PowerEdge r510 12 bay (You will want one that also comes with the h700 raid controller. The PERC controllers do not support drives over 2TB)
• 12x Dell 3.5" HDD trays
• 12x WD Red (or any drives labeled for NAS use by the manufacturer like Seagate Ironwolf) drives
• You will want at least 32GB ram total in the system
• If power usage is an issue, then the Xeon L5640s are the best option. They use very little power, and having 2x of them in your system gives you a total of 12 cores and 24 threads.

[wbk]

6 minutes ago, argyle said:

It depends on a lot of factors. Was the removal of the connection intentional/malicious? What type of configuration was there previously, was there a specific forest for your location? are there shared resources off site you no longer have access to and need to replicate?

 

Certainly it's simple enough to set up an LDAP server for authentication and network storage shares. It's probably best to virtualize the servers and use a SAN and backup solution. I guess it also depends on how much downtime you are expecting as to how you would need to implement the new configuration.

The removal of the connection was intentional. The two company's are in a bit of a fight and today the It-supporter at Beta was told, by his boss to shutdown our connection. I'm not quite sure what you mean by "forest for your location"? I have not really had the time too see what kind of configuration they had, I was hired yesterday and today they shutdown the connection...  But the domain controller, file server and etc. is at Alpha, but I can't configure anything without a password.. 
There are shared resources that I need to replicate, but because the server is encrypted I can't really do much, can I?

[tt2468]

3 minutes ago, wbk said:

he two company's are in a bit of a fight and today the It-supporter at Beta was told, by his boss to shutdown our connection.

But you own beta, right? Just fire the boss at beta and tell their IT to bring the connection back up

[wbk]

1 minute ago, tt2468 said:

But you own beta, right? Just fire the boss at beta and tell their IT to bring the connection back up

Unfortunately that isn't the case.. We only bought one of their offices, including employees and so on. But we are two separate company's.. 

[aubryscully]

Seems like more of a people issue than a tech issue IMO. Looks to me like you need to gain access to all server equipment, reconfigure the connection, and remove all admin priveleges from incompetent Beta employees.

[argyle]

3 hours ago, wbk said:

The removal of the connection was intentional. The two company's are in a bit of a fight and today the It-supporter at Beta was told, by his boss to shutdown our connection. I'm not quite sure what you mean by "forest for your location"? I have not really had the time too see what kind of configuration they had, I was hired yesterday and today they shutdown the connection...  But the domain controller, file server and etc. is at Alpha, but I can't configure anything without a password.. 
There are shared resources that I need to replicate, but because the server is encrypted I can't really do much, can I?

A forest is an organizational setup within Active Directory, it's a reference to the multiple branches contained within. They are sometimes used for different locations within the greater organization.

If the server is encrypted it's unlikely you'll be able to get any of that data. Should it not be encrypted it's possible in some OSes to gain root access and/or reset the local admin account password.

 

It sounds like you may need to start from scratch, but it also seems like a potential legal issue to get access to the existing system.

[Pixel5]

the whole thing between the companies is not your job and should be solved by people who made that deal.

 

im more wondering why they hired you for a job you you are not an expert on

[Mikensan]

Sort of a terrible transition. Did Alpha have absolutely no computers or servers before acquiring Beta? Or did you guys have computers and servers, then joined them to Beta's domain? 

 

Since it appears you have physical access, it won't be too much work. With everything BUT the domain controller you can simply boot and log into the Local administrator and remove it from the domain. If you do not know the local administrator password then there are bootable tools out there to achieve this. IDK the rules on LTT forums so I won't reference any... Then I'd format the f'ing domain controller and raise a new one and recreate the whopping 15 users accounts. If they locked me out of my own network I would be furious. Man I'm getting worked up just thinking about this scenario. I'd throw away any Beta hardware that resided on Alpha property. I bet they're mad Alpha hired an IT tech vs using their existing staff, worried about layoffs.

 

Also log into your firewall and close whatever ports they opened that allowed them to remote in.

 

If they're being cordial, then demand the local administrator information so you can log in to your local servers and leave the domain.

[Blake]

On 4/12/2017 at 6:03 AM, wbk said:

I just got hired in a company working as their It-supporter.

Previously I primarily worked with level 2 support, and I have never really worked in debt with servers.

But I am a quick learner and i am sure I will be able to work this out, but I do need some sort of advice because I haven't really heard about this particular problem before..
 

So..

The company I am working for (I'll call them Alpha), recently bought a part of another company (I'll call them Beta)..

My company - Alpha overtook computers, furniture, servers and so on.. But... 

The domain, the server provides is owned by Beta. Every user at work still uses their credentials connected to Betas domain.

The server computer is also connected to Beta's domain - therefore Beta won't give me any passwords for the server computer.
 

Today Beta chose to shutdown our connection to their domain. Resulting in every employee being unable to login to their computer.
 

I think that my only solution is to buy a new server and begin from scratch, creating a new domain controller, a new AD and new file server etc..

But I need some advice.. Thx

Get everyone setup as local users first, convert transfer domain user documents to local or 'workgroup' accounts. This will get everyone working. Also make sure you do this for both users and computers.

 

Then get in an MSP. If your asking these types of questions, you in over your head, and i wouldn't be asking you to setup a AD forest. While that happens get a test environment together and start training yourself up with a view to get rid of the MSP when you are up to snuff.